Questions and Answers
Vendor: McAfee Exam Code: MA0-101 Exam Name: McAfee Certified Product Specialist - NSP Demo
MacAfee MA0-101 Exam
QUESTION NO: 1 Which port needs to be opened for Alert Channel communication between Sensor and Manager through a firewall? A. 8501 B. 8502 C. 8503 D. 8555 Answer: B
QUESTION NO: 2 Setting a threshold to allow an IPS to react when traffic volume exceeds the set limit is an example of what type of detection method? A. Signature based B. Pattern matching C. Denial of Service D. Remediation Answer: C
QUESTION NO: 3 Performance debugging mode can be enabled on a sensor for a specified time duration by issuing which of the following CLI commands? A. sensor perf-debug 100 B. sensor perf-debug on 100 C. sensor perf-debug Interface all 100 D. sensor perf-debug assert 100 Answer: A
QUESTION NO: 4 What type of encryption is used for file transfers between the Sensor and the Manager? A. SSL with RC4 B. SSL with MD5 C. SSL with RC4 and MD5 D. DES Page 2 of 26
MacAfee MA0-101 Exam
Answer: D
QUESTION NO: 5 When placed in Layer3 mode, a Sensor detects a Layer2 device based on which of the following? A. MAC address B. IP address C. DNS D. Subnet Answer: B
QUESTION NO: 6 What is the CLI command that enables the output of the MAC/IP address mapping table to the sensor debug files? A. arp spoof status B. arp spoof enable C. arp dump D. arp flush Answer: C
QUESTION NO: 7 DoS detection is implemented in which of the following modes? (Choose two) A. Learning mode B. Configuration mode C. Threshold mode D. Bidirectional mode E. Inbound mode Answer: A,C
Page 3 of 26